I'm attempting to write a simple Bash script that will help me verify some Windows registry settings. All the data is within folders (which is the computer's hostname), and at the path stated in the script. The end goal is to verify the hosts that have the value incorrectly set, based on registry key value at the end of the line.
For reference of the script, parameter one is the registry key I would like to look for, parameter two is the value it should be. If $control
matches what is on the end of $value
's string then it should output the machine name which is the variable $FOLDER
list=$(ls)
regkey=$1
control=$2
for FOLDER in $list
do
value=$($FOLDER/policies/Effective-Security-policy.txt | grep "$regkey")
if [[ "$value" =~ $control ]] ;
then
echo $FOLDER
else
continue
fi
done
However, I can't get it to do a strict compare, because there is also a registry key named RestrictAnonymousSAM
and it will list out values that are incorrect.
Here are some of the lines from within the text file, I need to be able to differentiate between the two, so the returned values are for that particular registry key:
MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymous=4,0
MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymousSAM=4,1
If I understand correctly what you're trying to do, I think you should write:
regkey="$1"
control="$2"
for FOLDER in * ; do
file="$FOLDER/policies/Effective-Security-policy.txt"
if iconv -s -f utf-16 -t utf-8 "$file" \
| grep -q '^[^=]*\\'"$regkey=$control$"
then
echo "$FOLDER"
fi
done
grep -q
searches the file for lines matching the pattern, but does not print them out. This makes it well-suited to use in if
-tests, since grep
returns 0
(success/true) if it finds a match and 1
(error/false) if it does not.
(Important note: the above assumes that $regkey
and $control
can't contain any metacharacters that grep
might treat specially. If they can , then this becomes trickier.)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.